URLhaus Database

You are currently viewing the URLhaus database entry for http://188.137.182.115/1.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3801389
URL:	http://188.137.182.115/1.exe
URL Status:	Online (spreading malware for 2 days, 11 hours, 49 minutes)
Host:	188.137.182.115
Date added:	2026-03-21 18:00:14 UTC
Threat:	Malware download
Reporter:	Bitsight
Abuse complaint sent (?):	Yes (2026-03-21 18:01:11 UTC to abuse{at}podaon[dot]com)
Tags:	dropped-by-amadey fbf543 Vidar

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2026-03-24	1.exe	exe	4f4fea97cf022065218e4046265387f6ccd3d498da3c94965b481223cfb27712	n/a
2026-03-23	1.exe	exe	b74f290d030a1186be9e6c62ffa2f5c75d4d5adf30d578a9b4b2514b08e5228d	n/a
2026-03-23	1.exe	exe	174209996f6383eb4dfbe3ccfc27bcc33811683e0b9ccda50639583e00762ae8	n/a	Vidar
2026-03-23	1.exe	exe	03b8faa3c4ecb72007dc76de1bcdcfb43c0ef8d5a2c6ccf1ed16cbea60abc445	n/a	Vidar
2026-03-23	1.exe	exe	6af1e032c74051c91a3c4653a484ed283ca7853461239f23a31bf9642f80a310	n/a	Vidar
2026-03-23	1.exe	exe	3beabe9bc924c77c401c958994346485eca3090aeda89595efc5752d563a1695	n/a	Vidar
2026-03-22	1.exe	exe	b224a91163f98f0bc4cbec9a9074d7030df8dfa433b25f984a94ff3d7dd4b01d	n/a	Vidar
2026-03-22	1.exe	exe	1b195f5324744aa035f5219a2ba39941a357137bad52d14c4c56e3cd06b54964	n/a	Vidar
2026-03-22	1.exe	exe	065560a18dbe924bc7915f455180d0be664532f6d60e2d8f3a7ae83fec03c067	n/a	Vidar
2026-03-22	1.exe	exe	8b58212aadc8238b0f70c8dc5bf79d176ae42f1ff8b56023058a43a4d5a64e4e	n/a	Vidar
2026-03-21	1.exe	exe	65b08a0095437d7970ff02450b89f40d1e3e541f27326dd0e8208b3a730d0f91	n/a	Vidar
2026-03-21	1.exe	exe	44bcb51ef26fe58edd36ea97714f79d9ac9772ee62e3bdbcfbcf4469fedff337	n/a	Vidar